enParadigm Leverages Axiom’s Cloud SOC Solution to Manage Security Threats Proactively

Introduction

enParadigm is a sales enablement solution company that uses proprietary algorithms and AI to build advanced digital simulations and SMART micro-learning platforms. The company did not have cloud security under control due to the lack of monitoring and alerting mechanisms. Axiom has implemen Axiom has implemented its Cloud Security Operations Center (Cloud SOC) out-of-the-box solution. This solution integrates various AWS security tools and enables the customer to secure its cloud workloads effectively.

The Challenge

• Manual Threat Detection and Monitoring
  The customer lacked a centralized monitoring dashboard. They were analyzing event logs for potential security vulnerabilities manually, a very time-consuming process.
• Lack of Proper Alerting/Reporting Mechanisms
  The customer did not have an alerting system set up to discover security incidents. They would become aware of any suspicious activity in their accounts only when the AWS team informed them about it.
• Not Meeting Compliance Regulations
  The company was not meeting various security and data protection compliance standards.

Why Axiom?

Axiom, being an AWS Advanced Consulting Partner, has been providing cloud security solutions to small and mid-sized businesses for more than 5 years. The compa The company has experienced security engineers that leverage readymade playbooks to respond to and mitigate threats 24/7. The Cloud SOC team deploys an automated solution that integrates various cloud-native security tools to manag inciden incidents effectively.

Solution

Axiom provided a tailor-made Cloud SOC solution to the customer integrating multiple AWS security tools. The solution has a monitoring dashboard built with Kibana and Amazon Elasticsearch Service that gives a comprehensive view of security alerts across all AWS accounts.

• Amazon Guard Duty analyzes tens of millions of events across multiple AWS data sources such as Amazon VPC Flow Logs and DNS logs. Security logs are sourced to AWS Security Hub and then displayed on the Kibana dashboard.
• Amazon Inspector automatically assesses applications for exposure and vulnerabilities and this information is sourced to the Security Hub and displayed on the dashboard.
• The dashboard displays CIS benchmark compliance metrics sourced from the Security Hub scans.
• Geolocation-based IP access logs a Geolocation-based IP access logs are monitored for any suspicious activity. This is done using AWS CloudTrail that records AWS API calls.

Next Steps

Axiom is now implementing remediation playbooks to maximize the customer’s application security. Cloud SOC engineers use playbooks that capture standard operating procedures to automate remediation actions.